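<?php
/*
 * Loads the rows returned by getQuestion() for the game/console pair given in
 * the query string, then walks the numbered answer fields (qid1, ansSelf1,
 * imp1, ans1Oth1..ans5Oth1, qid2, ...) of a submitted form.
 */
require_once 'session.php';
session_start();

// Check authentication before anything else. header() only queues the
// redirect, so without exit the rest of the script (database reads and the
// answer-processing loop below) would still run for a visitor who is not
// logged in. The isset() guard also avoids calling a method on a missing
// session object.
if (!isset($_SESSION['user']) || !$_SESSION['user']->isLoggedIn()) {
    header('location: index.php');
    exit;
}

$conn = new Database();
$me = $_SESSION['user']->getName();

$result = '';
$game = '';
$console = '';

// is_string() rejects array-valued parameters (?game[]=x), which trim() and
// pg_escape_string() cannot handle.
if (isset($_GET['game']) && is_string($_GET['game']) && trim($_GET['game'])
    && isset($_GET['console']) && is_string($_GET['console']) && trim($_GET['console'])) {
    // NOTE(review): the query is assembled by string interpolation and relies
    // entirely on pg_escape_string(), which is called without an explicit
    // connection and so uses the default one. Prefer a parameterized query
    // (e.g. pg_query_params()) if the Database wrapper can expose one.
    $game = pg_escape_string($_GET['game']);
    $console = pg_escape_string($_GET['console']);
    $result = $conn->queryTable("select * from getQuestion('{$game}','{$console}');");
}

// Process posted answers for question 1, 2, ... until a qid/ansSelf pair is
// missing or blank.
$i = 1;
while (isset($_POST["qid{$i}"]) && trim($_POST["qid{$i}"]) && isset($_POST["ansSelf{$i}"]) && trim($_POST["ansSelf{$i}"])) {
    $qid = pg_escape_string($_POST["qid{$i}"]);
    $ansSelf = pg_escape_string($_POST["ansSelf{$i}"]);
    // NOTE(review): imp{$i} is read without an isset() check, unlike the two
    // fields above; a request that omits it reaches pg_escape_string() with
    // an undefined index.
    $imp = pg_escape_string($_POST["imp{$i}"]);
    // Build a five-character string of "1"/"0" flags, one per ans{j}Oth{i}
    // field, "1" when the field was submitted.
    $ansOthTmp = "";
    for ($j = 1; $j <= 5; $j++) {
        if (isset($_POST["ans{$j}" . "Oth{$i}"])) {
            $ansOthTmp .= "1";
        } else {
            $ansOthTmp .= "0";
        }
    }
    $ansOth = pg_escape_string($ansOthTmp);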
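<?php
/*
 * Game selection page: lists the rows returned by getGames() for the current
 * user and records each submitted "game#console" entry through likeGame().
 */
include_once "session.php";
include_once "classes.php";
session_start();

// Check authentication first and stop. header() only queues the redirect;
// without exit the queries and likeGame() writes below would still execute
// for a visitor who is not logged in.
if (!isset($_SESSION['user']) || !$_SESSION['user']->isLoggedIn()) {
    header('location: index.php');
    exit;
}

$conn = new Database();

// The user name comes from the session, but it still ends up inside a SQL
// string literal, so it is escaped like every other interpolated value. The
// raw $me is kept for any later non-SQL use.
$me = $_SESSION["user"]->getName();
$meSql = pg_escape_string($me);

// NOTE(review): queries are built by interpolation and depend on
// pg_escape_string() (default connection). Prefer parameterized queries
// (e.g. pg_query_params()) if the Database wrapper can expose them.
$result = $conn->queryTable("select * from getGames('{$meSql}');");

// NOTE(review): this POST changes stored data and no anti-CSRF token check is
// visible here; confirm one is enforced elsewhere.
if (isset($_POST['games']) && is_array($_POST['games'])) {
    $liked = false;
    foreach ($_POST['games'] as $game) {
        // explode() replaces split(), which was removed in PHP 7. Entries
        // that are not strings or lack the '#' separator are skipped rather
        // than read through an undefined index.
        $parts = is_string($game) ? explode('#', $game) : array();
        if (count($parts) < 2) {
            continue;
        }
        $game = pg_escape_string($parts[0]);
        $console = pg_escape_string($parts[1]);
        if (!$conn->queryTrueFalse("select likeGame('{$meSql}','{$game}','{$console}');")) {
            die('Please contact benson');
        }
        $liked = true;
    }
    // Redirect once, after every entry has been stored, and stop rendering.
    if ($liked) {
        header('Location: question.php');
        exit;
    }
}
?>
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>eHarbinger</title>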
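// Values echoed into the page are HTML-escaped: pg_escape_string() only makes
// a value safe inside a SQL literal and leaves markup characters untouched.
// Assumes the page is served as UTF-8 - confirm.
echo 'Error: Game ' . htmlspecialchars($game, ENT_QUOTES, 'UTF-8')
    . ' does not exist for Console ' . htmlspecialchars($console, ENT_QUOTES, 'UTF-8');
}
}

// NOTE(review): the two handlers below grant and revoke admin rights from a
// plain POST field. No privilege check on the current user and no anti-CSRF
// token check are visible in this part of the file; confirm both run earlier.
// NOTE(review): queries are built by interpolation and depend on
// pg_escape_string(); prefer parameterized queries (e.g. pg_query_params())
// if the Database wrapper can expose them.

// Grant admin rights to the posted user name.
if (isset($_POST['addAdmin']) && trim($_POST['addAdmin'])) {
    $admin = pg_escape_string($_POST['addAdmin']);
    if (!$conn->queryTrueFalse("select addAdmin('{$admin}');")) {
        // The posted name is reflected back, so escape it for HTML output.
        echo 'Error: Failed to add admin: ' . htmlspecialchars($admin, ENT_QUOTES, 'UTF-8');
    }
}

// Revoke admin rights from the posted user name.
if (isset($_POST['rmAdmin']) && trim($_POST['rmAdmin'])) {
    $admin = pg_escape_string($_POST['rmAdmin']);
    if (!$conn->queryTrueFalse("select rmAdmin('{$admin}');")) {
        echo 'Error: Failed to remove admin: ' . htmlspecialchars($admin, ENT_QUOTES, 'UTF-8');
    }
}

// Distinct console names, sorted, for the page's lists.
$resultCon = $conn->queryTable('select DISTINCT gameConsole FROM games ORDER BY gameConsole ASC');
$consoles = array();
foreach ($resultCon as $row) {
    $consoles[] = $row['gameconsole'];
}

// Distinct game names, sorted.
$games = array();
$resultGame = $conn->queryTable('select DISTINCT gamename FROM games ORDER BY gamename ASC');
foreach ($resultGame as $row) {
    $games[] = $row['gamename'];
}

// Every account except the current user and the hard-coded 'brian' account.
// NOTE(review): $me is interpolated into this query unescaped; it is assigned
// outside the visible part of the file - confirm it cannot contain a quote,
// or escape it at this point.
$users = array();
$admins = array();
$resultUser = $conn->queryTable("select username,isadmin from users where username!='{$me}' and username!='brian'");
foreach ($resultUser as $row) {
    // 'f' is compared against the isadmin column value as returned by the query.
    if ($row['isadmin'] == 'f') {
        array_push($users, $row['username']);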